General

Target: file.exe
Size: 1.5MB
Sample: 221228-qbh7ksad97
MD5: 75ae21ffb444c99cb63f0d9abaa648b2
SHA1: d3666f32224c5244e7d098773af3679f5ab03db4
SHA256: c0dc0167c70151a4f5311b40d638628e311d3a0f17320515897c7d96ad755968
SHA512: 8ee59828d0dbdd63747c49a74d99efd024ffc4cab1fd531eac5a9e57cc539799adcee7586617ff2b5e47dcc7224518dfbd8bcfb7dbf7effb48a0d05d0a7b85ec
SSDEEP: 24576:yAiKf8LZFNvGPSj4jzmQuiOi07JuutJRh4Emqmmq/mh9mITmkQS:yIOvTQSguXtFQS
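Before pivoting on the hashes above, re-hash the file you actually hold and confirm the SSDEEP block size is consistent with the reported size (a block size of 24576 implies a file longer than 768 KiB and normally no larger than 1.5 MiB). The helper below is an added example written for this page, not part of the sandbox report; REPORT copies the values listed above, the byte size is an assumption because the page only says "1.5MB" (read here as 1.5 MiB), and SAMPLE_BYTES is a constructed stand-in, not the malware.

```python
# Added triage helper (not part of the sandbox report): re-hashes a candidate
# file against the report's values and sanity-checks the SSDEEP block size
# against the reported size. The byte size is an assumption ("1.5MB" read as
# 1.5 MiB); SAMPLE_BYTES is a constructed stand-in, not the sample itself.
import hashlib

REPORT = {
    "size_bytes": 1536 * 1024,  # assumption: "1.5MB" taken as 1.5 MiB
    "md5": "75ae21ffb444c99cb63f0d9abaa648b2",
    "sha1": "d3666f32224c5244e7d098773af3679f5ab03db4",
    "sha256": "c0dc0167c70151a4f5311b40d638628e311d3a0f17320515897c7d96ad755968",
    "sha512": "8ee59828d0dbdd63747c49a74d99efd024ffc4cab1fd531eac5a9e57cc539799"
              "adcee7586617ff2b5e47dcc7224518dfbd8bcfb7dbf7effb48a0d05d0a7b85ec",
    "ssdeep": "24576:yAiKf8LZFNvGPSj4jzmQuiOi07JuutJRh4Emqmmq/mh9mITmkQS:yIOvTQSguXtFQS",
}
SAMPLE_BYTES = b"MZ" + b"\x00" * 62 + b"constructed stand-in, not the sample"


def digests(data: bytes) -> dict:
    """The four digests sandbox reports list, keyed by hashlib name."""
    return {algo: hashlib.new(algo, data).hexdigest()
            for algo in ("md5", "sha1", "sha256", "sha512")}


def matching_algorithms(data: bytes, report: dict) -> set:
    """Which of the report's hashes these bytes reproduce. All or none is
    the expected answer; a partial match means a typo in the IOC list."""
    return {algo for algo, hexd in digests(data).items()
            if hexd == report[algo].lower()}


def parse_ssdeep(sig: str) -> tuple:
    """Split 'blocksize:hash1:hash2' into (int, str, str)."""
    bs, h1, h2 = sig.split(":", 2)
    return int(bs), h1, h2


def valid_block_size(bs: int) -> bool:
    """ssdeep block sizes are always 3 * 2**n."""
    q, r = divmod(bs, 3)
    return r == 0 and q > 0 and (q & (q - 1)) == 0


def ssdeep_size_window(sig: str) -> tuple:
    """ssdeep starts at block size 3 and doubles it while bs*64 < length,
    so the input is longer than bs*32 and normally at most bs*64. It halves
    bs again only when the first hash came out shorter than 32 characters,
    so a larger file can occasionally carry this block size: treat the
    lower bound as hard and the upper bound as the usual case."""
    bs, _, _ = parse_ssdeep(sig)
    return bs * 32, bs * 64


def size_matches_ssdeep(size_bytes: int, sig: str) -> bool:
    """True when the block size is well-formed and the size sits in its window."""
    lo, hi = ssdeep_size_window(sig)
    return valid_block_size(parse_ssdeep(sig)[0]) and lo < size_bytes <= hi


if __name__ == "__main__":
    print("hashes reproduced by stand-in:", matching_algorithms(SAMPLE_BYTES, REPORT))
    print("size window for this SSDEEP:", ssdeep_size_window(REPORT["ssdeep"]))
    print("1.5 MiB consistent with SSDEEP:", size_matches_ssdeep(REPORT["size_bytes"], REPORT["ssdeep"]))
```

Swap SAMPLE_BYTES for the bytes of the file under analysis; if only some algorithms match, the IOC list you copied is wrong, not the file. A real fuzzy comparison against the SSDEEP string still needs the ssdeep library, which is not assumed here.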
Tasks

Static task: static1
Behavioral task: behavioral1
  Sample: file.exe
  Resource: win7-20220812-en (Windows 7, English, sandbox image dated 2022-08-12)
Malware Config (extracted)

Family: vidar
Version: 1.7
Botnet: 724
C2 dead-drop URLs:
  https://t.me/robloxblackl
  https://steamcommunity.com/profiles/76561199458928097
profile_id: 724

Neither URL is the C2 itself. Vidar uses Telegram channels and Steam profiles as dead-drop resolvers: the sample fetches the public profile page and reads the current C2 address out of the profile name, so the operator can rotate the C2 server without rebuilding the sample. Treat the profile identifiers (robloxblackl, 76561199458928097) as the stable indicators, and resolve the profile at analysis time if you need the C2 address that was live for this build.
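The dead-drop resolution can be reproduced offline from a saved copy of the profile page, which is usually preferable to letting the analysis box fetch it (the operator sees every hit). The helper below is an added example for this page, not Vidar's code and not part of the report; the two HTML snippets are constructed with RFC 5737 documentation addresses and only loosely mimic the platforms' markup, and the platform host list is an assumption about which links to ignore.

```python
# Added analysis helper, not Vidar's code or the sandbox's: scans a saved
# dead-drop profile page for the C2 token the stealer would read from it.
# STEAM_HTML and TELEGRAM_HTML are constructed (RFC 5737 addresses), not
# fetched from the real profiles; PLATFORM_HOSTS is an assumption.
import re
from urllib.parse import urlparse

# Hosts that belong to the dead-drop platforms; links to them are not the C2.
PLATFORM_HOSTS = {"steamcommunity.com", "steamstatic.com", "t.me", "telegram.org"}

# A URL, or a bare IPv4 address with optional port, anywhere in the page.
C2_TOKEN = re.compile(
    r"https?://[\w.-]+(?::\d{1,5})?(?:/[\w./-]*)?"
    r"|(?:\d{1,3}\.){3}\d{1,3}(?::\d{1,5})?"
)

STEAM_HTML = (  # constructed stand-in for the Steam profile page
    '<html><body><a href="https://steamcommunity.com/profiles/76561199458928097">p</a>'
    '<span class="actual_persona_name">http://203.0.113.10|</span>'
    '<link href="https://community.cloudflare.steamstatic.com/public/css/a.css">'
    '</body></html>'
)
TELEGRAM_HTML = (  # constructed stand-in for the t.me channel preview
    '<html><head><meta property="og:url" content="https://t.me/robloxblackl"></head>'
    '<body><div class="tgme_page_title"><span dir="auto">198.51.100.7:8080</span></div>'
    '<div class="tgme_page_description">since 24.12.2022</div></body></html>'
)


def _is_platform_host(token: str) -> bool:
    """True when the token points at the dead-drop platform itself."""
    host = urlparse(token if "://" in token else "//" + token).hostname or ""
    return any(host == h or host.endswith("." + h) for h in PLATFORM_HOSTS)


def resolve_dead_drop(html: str) -> list:
    """C2 candidates in order of appearance, deduplicated, with the platform's
    own links removed. The whole page is scanned rather than one element so
    the check does not depend on the platforms' exact markup; the profile
    name is normally the first hit."""
    found = []
    for match in C2_TOKEN.finditer(html):
        token = match.group(0).rstrip("/")
        if _is_platform_host(token) or token in found:
            continue
        found.append(token)
    return found


if __name__ == "__main__":
    print("steam  ->", resolve_dead_drop(STEAM_HTML))
    print("t.me   ->", resolve_dead_drop(TELEGRAM_HTML))
```

Feed it the HTML you saved from an isolated fetch of each URL; an empty list means the profile name no longer carries an address (the operator moved on or the profile was taken down), which is itself worth recording against the sample.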
Targets

Target: file.exe (the same sample as in General: MD5 75ae21ffb444c99cb63f0d9abaa648b2, SHA256 c0dc0167c70151a4f5311b40d638628e311d3a0f17320515897c7d96ad755968)
Size: 1.5MB

Signatures (behavioral1):
- Loads dropped DLL: the sample writes a DLL to disk during execution and loads it.
- Accesses cryptocurrency files/wallets, possible credential harvesting: consistent with Vidar's stealer role; the report does not list which wallet or browser paths were read.
- Suspicious use of SetThreadContext: on its own a generic hit, but together with a suspended child process and cross-process memory writes it is the usual process-hollowing sequence (create suspended, write payload, set thread context to the new entry point, resume). The report does not name the target process, so confirm it from the process tree before treating it as injection.
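A sandbox signature on SetThreadContext alone produces noise from debuggers and launchers; what a detection engineer wants is the full hollowing sequence correlated on the child process. The detector below is an added example for this page, not the sandbox's own signature logic; the trace format and both traces are constructed, and the API name sets are the usual Win32/NT names rather than anything the report lists.

```python
# Added detection example, not the sandbox's signature logic: reconstructs
# the process-hollowing sequence that usually sits behind a generic
# "Suspicious use of SetThreadContext" hit from an API-call trace.
# The event format and both traces below are constructed for this page.
CREATE_SUSPENDED = 0x00000004  # dwCreationFlags bit for CreateProcess*

CREATE_APIS = {"CreateProcessA", "CreateProcessW", "CreateProcessInternalW"}
UNMAP_APIS = {"NtUnmapViewOfSection", "ZwUnmapViewOfSection"}
WRITE_APIS = {"WriteProcessMemory", "NtWriteVirtualMemory", "NtMapViewOfSection"}
SETCTX_APIS = {"SetThreadContext", "NtSetContextThread", "Wow64SetThreadContext"}
RESUME_APIS = {"ResumeThread", "NtResumeThread"}


def detect_process_hollowing(trace):
    """One finding per child that was created suspended, had memory written
    into it, had its thread context rewritten, and was then resumed.
    Each event: {"pid": caller, "api": name, "target": child pid or None,
    "flags": dwCreationFlags (create events only)}."""
    steps = {}      # child pid -> stages observed so far
    findings = []
    for ev in trace:
        api, child = ev["api"], ev.get("target")
        if api in CREATE_APIS:
            if ev.get("flags", 0) & CREATE_SUSPENDED:
                steps[child] = {"suspended"}
            continue
        if child not in steps:
            continue    # activity against a process we did not see spawned suspended
        if api in UNMAP_APIS:
            steps[child].add("unmapped")
        elif api in WRITE_APIS:
            steps[child].add("written")
        elif api in SETCTX_APIS:
            steps[child].add("context_set")
        elif api in RESUME_APIS:
            if {"suspended", "written", "context_set"} <= steps[child]:
                findings.append({"parent": ev["pid"], "child": child,
                                 "stages": sorted(steps[child])})
            del steps[child]    # one verdict per suspended child
    return findings


# Constructed trace: a parent (pid 1000) hollows its suspended child (pid 4242).
TRACE = [
    {"pid": 1000, "api": "CreateProcessW", "target": 4242, "flags": CREATE_SUSPENDED},
    {"pid": 1000, "api": "NtUnmapViewOfSection", "target": 4242},
    {"pid": 1000, "api": "WriteProcessMemory", "target": 4242},
    {"pid": 1000, "api": "WriteProcessMemory", "target": 4242},
    {"pid": 1000, "api": "SetThreadContext", "target": 4242},
    {"pid": 1000, "api": "ResumeThread", "target": 4242},
]

# Constructed benign trace: a launcher that starts a child suspended only to
# adjust it before resuming, and a debugger that sets context with no write.
BENIGN_TRACE = [
    {"pid": 2000, "api": "CreateProcessW", "target": 2001, "flags": CREATE_SUSPENDED},
    {"pid": 2000, "api": "ResumeThread", "target": 2001},
    {"pid": 3000, "api": "SetThreadContext", "target": 3001},
]


if __name__ == "__main__":
    print("malicious:", detect_process_hollowing(TRACE))
    print("benign:", detect_process_hollowing(BENIGN_TRACE))
```

The unmap stage is recorded but not required, because hollowing variants that map a new section over the image skip it; requiring the write and the context change before the resume is what separates this from a debugger or a launcher.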